Microsoft Acquires PhoneFactor for Mobile Security
Microsoft Acquires PhoneFactor for Mobile Security by UCStrategies Staff
In an effort to boost security for mobile business applications, Microsoft has acquired mobile security provider PhoneFactor. The Overland Park, Kansas-based PhoneFactor delivers strong multi-factor authentication security for business applications that companies deploy on smartphones. Neither company disclosed any acquisition details.
The key to PhoneFactor's security offering is its two-factor authentication technology. With two-factor authentication, you need more than just a username and password to log in. You must be authenticated using two of three factors. The three factors are based on who you are, what you know, or what you have.
Who you are means identifying a user through his or her fingerprints, voice recognition or a retina scan. What you know means that a user enters their username and password or other required credentials. What you have means items such as an encryption token, USB thumb drive or smartcard. A common example of two-factor authentication is when you use your ATM card at an automatic teller machine. The card represents something you have, while the PIN that you enter is something you know.
Two-factor authentication provides stronger security because although a hacker may be able to discover your username and/or password, chances are slim that the hacker will be able to get hold of one of the other factors.
PhoneFactor founder and CEO Timothy Sutton stated in a blog post, “With Microsoft’s product breadth and distribution reach, it will be possible to bring the benefits of PhoneFactor to a broader set of customers, partners and developers than we could as a stand-alone company. And as part of Microsoft, we will work to improve the interoperability and ease of use of our solutions.”
Bharat Shah, corporate vice president for the Server and Tools Division at Microsoft, says that PhoneFactor will let Microsoft offer easy-to-use two-factor authentication to its cloud services and on-premise applications users. He goes on to add that the acquisition will help Microsoft customers, partners and developers "enhance the security of almost any authentication scenario.”
The PhoneFactor security technology already works with several Microsoft products and services, including Outlook Web Access (OWA), Internet Information Services (IIS) and Active Directory. In the future, it will likely interoperate with Office 365, the cloud-based version of its Office productivity suite.
The PhoneFactor technology also is an element of Microsoft's HealthVault platform for securing applications in the health care and health insurance industries, which require strict security and privacy protection.
PhoneFactor will operate independently from Microsoft and sell its products on a stand-alone basis for the time being, but in the future, the application will likely be sold through Microsoft's Volume Licensing program. (GR) Link.